
Pictures

Things that don't fit anywhere else..

boss382
Warning level 2
Posts: 86
Registered: 03 Feb 2011 15:55

Pictures

#1 Post by boss382 »

I don't know what to do about this:
[Image]
bottom right

It happens with other programs too, e.g. ICQ (the messages are at the bottom; it doesn't show me those), the printer...

Rudy
Site Admin
Posts: 119405
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Pictures

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

boss382
Warning level 2
Posts: 86
Registered: 03 Feb 2011 15:55

Re: Pictures

#3 Post by boss382 »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Daniel at 2011-05-18 02:39:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (37%) free of 30 GB
Total RAM: 2013 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:39:23, on 18.5.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\AsScrPro.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\WINDOWS\system32\hasplms.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Nero\Update\NASvc.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Genius\ioCentre\gIoCentreFunMgm.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\tibor\RSIT.exe
C:\Program Files\trend micro\Daniel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2645238
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [MsgTranAgt] C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\AsScrProlog.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: Aspwdflt - C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 13187 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1297372538.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files\ZoneAlarm_Security\tbZone.dll [2010-12-01 2735200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-08-28 33673216]
"MsgTranAgt"=C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe [2008-08-18 117304]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK Hotkey\HControl.exe [2009-03-20 174648]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-07 159744]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"ADSMTray"=C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2008-04-01 266240]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"ASUS Screen Saver Protector"=C:\WINDOWS\AsScrPro.exe [2011-01-31 3054136]
"ASUS Camera ScreenSaver"=C:\WINDOWS\AsScrProlog.exe [2011-01-31 47672]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2008-10-01 851968]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-03-30 418816]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2009-09-03 61440]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-07-20 129536]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-07-20 163328]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-07-20 138752]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2011-03-18 1043968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-04-20 2423752]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\WINDOWS\Installer\{F9F20920-313D-4D6F-866B-2737B77E1857}\_DC60F4E342E06843E7FCD0.exe
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Aspwdflt]
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll [2009-02-10 1556480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-07-20 214016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoInstrumentation"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\program files\cs 1.6\hl.exe"="D:\program files\cs 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP LLM"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Documents and Settings\Daniel\Local Settings\Application Data\Google\Google Earth\client\googleearth.exe"="C:\Documents and Settings\Daniel\Local Settings\Application Data\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"D:\program files\Warcraft III\war3.exe"="D:\program files\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"

======List of files/folders created in the last 1 months======

2011-05-13 17:43:50 ----SHD---- C:\RECYCLER
2011-05-13 17:43:05 ----D---- C:\Program Files\IrfanView
2011-05-13 17:31:16 ----D---- C:\Documents and Settings\Daniel\Application Data\FastStone
2011-05-13 17:30:35 ----D---- C:\Program Files\FastStone Image Viewer
2011-05-13 15:18:14 ----D---- C:\Documents and Settings\All Users\Application Data\Skype Extras
2011-05-13 15:17:58 ----D---- C:\Program Files\Common Files\Skype
2011-05-13 14:13:55 ----RHD---- C:\Documents and Settings\Daniel\Application Data\SecuROM
2011-05-13 14:13:54 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2011-05-13 14:11:15 ----D---- C:\Documents and Settings\Daniel\Application Data\Leadertech
2011-05-13 13:58:53 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-05-13 13:58:53 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-05-13 13:58:52 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-05-13 13:58:52 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-05-13 13:58:51 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-05-13 13:58:51 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-05-13 13:58:51 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-05-13 13:58:50 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-05-13 13:58:50 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-05-13 13:58:50 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-05-13 13:58:49 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-05-13 13:58:49 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-05-13 13:58:48 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-05-13 13:58:48 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-05-13 13:58:47 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-05-13 13:58:47 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-05-13 13:58:46 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-05-13 13:58:46 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-05-13 13:58:45 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-05-13 13:58:45 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-05-13 13:58:45 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-05-13 13:58:44 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-05-13 13:58:44 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-05-13 13:58:44 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-05-13 13:58:44 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-05-13 13:58:43 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-05-13 13:58:43 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-05-13 13:58:42 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-05-13 13:58:41 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-05-13 13:58:41 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-05-13 13:58:38 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-05-13 13:58:38 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-05-13 13:58:38 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-05-13 13:58:37 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-05-13 13:58:37 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-05-13 13:58:37 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-05-13 13:58:37 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-05-13 13:58:37 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-05-13 13:58:37 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-05-13 13:58:36 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-05-13 13:58:36 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-05-13 13:58:36 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-05-13 13:58:30 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-05-13 13:58:30 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-05-13 13:58:30 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-05-13 13:58:30 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-05-13 13:58:29 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-05-13 13:58:29 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-05-13 13:58:29 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-05-13 13:58:28 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-05-13 13:58:28 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-05-13 13:58:27 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-05-13 13:57:51 ----D---- C:\WINDOWS\Logs
2011-05-09 21:13:12 ----D---- C:\Documents and Settings\Daniel\Application Data\Help
2011-05-09 17:35:46 ----D---- C:\Documents and Settings\All Users\Application Data\ZA_PreservedFiles
2011-05-03 15:41:09 ----A---- C:\ComboFix.txt
2011-05-02 15:00:00 ----A---- C:\Boot.bak
2011-05-02 14:59:53 ----RASHD---- C:\cmdcons
2011-05-02 14:56:05 ----A---- C:\WINDOWS\zip.exe
2011-05-02 14:56:05 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-05-02 14:56:05 ----A---- C:\WINDOWS\SWSC.exe
2011-05-02 14:56:05 ----A---- C:\WINDOWS\SWREG.exe
2011-05-02 14:56:05 ----A---- C:\WINDOWS\sed.exe
2011-05-02 14:56:05 ----A---- C:\WINDOWS\PEV.exe
2011-05-02 14:56:05 ----A---- C:\WINDOWS\NIRCMD.exe
2011-05-02 14:56:05 ----A---- C:\WINDOWS\MBR.exe
2011-05-02 14:56:05 ----A---- C:\WINDOWS\grep.exe
2011-05-02 14:54:49 ----D---- C:\WINDOWS\ERDNT
2011-05-02 14:53:44 ----D---- C:\Qoobox
2011-05-01 11:19:56 ----D---- C:\Program Files\Sun
2011-05-01 10:58:26 ----D---- C:\Documents and Settings\Daniel\Application Data\Babylon
2011-05-01 10:58:26 ----D---- C:\Documents and Settings\All Users\Application Data\Babylon
2011-05-01 09:55:43 ----A---- C:\WINDOWS\system32\drivers\74006782.sys
2011-05-01 09:55:43 ----A---- C:\WINDOWS\system32\drivers\74006781.sys
2011-05-01 09:55:43 ----A---- C:\WINDOWS\system32\drivers\7400678.sys
2011-04-30 20:17:45 ----D---- C:\Documents and Settings\Daniel\Application Data\Malwarebytes
2011-04-30 20:17:38 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-04-30 20:17:38 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-04-30 20:17:35 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-04-30 20:17:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-04-30 15:11:45 ----D---- C:\Documents and Settings\Daniel\Application Data\SUPERAntiSpyware.com
2011-04-30 15:11:45 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2011-04-30 15:11:39 ----D---- C:\Program Files\SUPERAntiSpyware
2011-04-30 15:03:45 ----D---- C:\Documents and Settings\Daniel\Application Data\CheckPoint
2011-04-30 15:03:15 ----D---- C:\Program Files\ZoneAlarm_Security
2011-04-30 15:02:56 ----D---- C:\Program Files\CheckPoint
2011-04-30 15:02:52 ----A---- C:\WINDOWS\system32\vsregexp.dll
2011-04-30 15:02:51 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2011-04-30 15:02:51 ----A---- C:\WINDOWS\system32\zlcomm.dll
2011-04-30 15:02:46 ----A---- C:\WINDOWS\system32\vswmi.dll
2011-04-30 15:02:45 ----A---- C:\WINDOWS\system32\zpeng25.dll
2011-04-30 15:02:45 ----A---- C:\WINDOWS\system32\vsxml.dll
2011-04-30 15:02:44 ----D---- C:\WINDOWS\system32\ZoneLabs
2011-04-30 15:02:44 ----A---- C:\WINDOWS\system32\vspubapi.dll
2011-04-30 15:02:44 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2011-04-30 15:02:43 ----D---- C:\Program Files\Zone Labs
2011-04-30 15:02:43 ----A---- C:\WINDOWS\system32\vsdatant.sys
2011-04-30 15:02:15 ----D---- C:\WINDOWS\Internet Logs
2011-04-30 15:02:15 ----A---- C:\WINDOWS\system32\vsinit.dll
2011-04-30 15:02:15 ----A---- C:\WINDOWS\system32\vsdata.dll
2011-04-30 15:02:14 ----A---- C:\WINDOWS\system32\vsutil.dll
2011-04-28 18:48:23 ----D---- C:\Documents and Settings\Daniel\Application Data\Hex-Rays
2011-04-28 18:48:10 ----D---- C:\Program Files\IDA Free
2011-04-26 20:58:35 ----A---- C:\WINDOWS\tdlp32.ini
2011-04-26 20:57:07 ----D---- C:\Program Files\Xara
2011-04-26 20:57:07 ----D---- C:\Program Files\Common Files\Xara
2011-04-23 13:55:20 ----A---- C:\WINDOWS\War3Unin.pif
2011-04-23 13:55:20 ----A---- C:\WINDOWS\War3Unin.exe
2011-04-23 09:10:07 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2011-04-19 15:17:19 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-04-19 15:17:19 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-04-19 15:17:18 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-04-19 15:17:17 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-04-19 15:17:15 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-04-19 15:17:15 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-04-19 15:17:14 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-04-19 15:16:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-04-19 15:16:49 ----D---- C:\Program Files\Alwil Software
2011-04-19 15:16:49 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software

======List of files/folders modified in the last 1 months======

2011-05-18 02:39:12 ----D---- C:\Program Files\trend micro
2011-05-18 02:36:11 ----D---- C:\WINDOWS\Temp
2011-05-18 02:23:24 ----D---- C:\WINDOWS\Prefetch
2011-05-17 21:38:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-17 21:38:29 ----D---- C:\Documents and Settings\Daniel\Application Data\Skype
2011-05-17 20:01:26 ----D---- C:\WINDOWS\Eurobattle.net
2011-05-17 19:56:30 ----D---- C:\WINDOWS\system32\CatRoot2
2011-05-17 17:56:14 ----D---- C:\Documents and Settings\Daniel\Application Data\skypePM
2011-05-15 17:44:59 ----D---- C:\Documents and Settings\Daniel\Application Data\Winamp
2011-05-14 20:48:11 ----D---- C:\Program Files\JDownloader
2011-05-14 07:56:26 ----SHD---- C:\System Volume Information
2011-05-14 07:56:11 ----RD---- C:\Program Files
2011-05-13 23:01:27 ----D---- C:\WINDOWS
2011-05-13 15:18:34 ----SHD---- C:\WINDOWS\Installer
2011-05-13 15:18:32 ----RD---- C:\Program Files\Skype
2011-05-13 15:17:58 ----D---- C:\Program Files\Common Files
2011-05-13 15:17:50 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-05-13 14:13:54 ----D---- C:\WINDOWS\system32
2011-05-13 14:10:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-05-13 13:58:53 ----HD---- C:\WINDOWS\inf
2011-05-13 13:58:36 ----RSD---- C:\WINDOWS\assembly
2011-05-13 13:58:32 ----D---- C:\WINDOWS\Microsoft.NET
2011-05-13 13:57:52 ----D---- C:\WINDOWS\system32\DirectX
2011-05-11 22:16:11 ----SD---- C:\WINDOWS\Tasks
2011-05-10 07:18:58 ----D---- C:\WINDOWS\system32\Restore
2011-05-09 20:11:45 ----D---- C:\Documents and Settings\Daniel\Application Data\TeamViewer
2011-05-03 15:39:20 ----A---- C:\WINDOWS\system.ini
2011-05-03 15:37:02 ----D---- C:\WINDOWS\system32\drivers
2011-05-03 15:37:01 ----D---- C:\WINDOWS\AppPatch
2011-05-02 15:06:03 ----D---- C:\WINDOWS\system32\drivers\etc
2011-05-02 15:00:00 ----RASH---- C:\boot.ini
2011-05-01 11:46:13 ----RSD---- C:\WINDOWS\Fonts
2011-05-01 11:20:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-04-30 20:51:58 ----D---- C:\Program Files\Mozilla Firefox
2011-04-30 20:26:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2482017$
2011-04-30 15:15:20 ----SD---- C:\Documents and Settings\Daniel\Application Data\Microsoft
2011-04-28 19:12:25 ----D---- C:\Program Files\Opera
2011-04-26 20:57:12 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-23 19:26:31 ----D---- C:\Documents and Settings\Daniel\Application Data\ICQ
2011-04-23 11:20:27 ----D---- C:\Program Files\Garena
2011-04-23 09:18:12 ----D---- C:\Documents and Settings\Daniel\Application Data\Vidalia
2011-04-23 09:18:12 ----D---- C:\Documents and Settings\Daniel\Application Data\Tor
2011-04-23 09:14:50 ----D---- C:\Program Files\Texa S.p.A
2011-04-23 09:13:48 ----D---- C:\WINDOWS\WinSxS
2011-04-23 09:10:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-23 09:09:53 ----D---- C:\Program Files\AbsoluteTelnet
2011-04-19 23:06:54 ----D---- C:\Program Files\LG PC Suite II
2011-04-19 15:14:30 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\WINDOWS\system32\drivers\AsDsm.sys [2011-01-31 30264]
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-12-03 64288]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-04-11 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-03-09 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-03-09 162640]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-03-09 46672]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2009-08-05 115856]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2009-08-05 41424]
R2 aksfridge;Sentinel HASP Fridge; C:\WINDOWS\system32\DRIVERS\aksfridge.sys [2009-08-20 356864]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-03-09 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-03-09 100432]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2010-06-04 1606368]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376]
R3 ETD;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2009-03-30 129024]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2009-11-02 20480]
R3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2009-11-02 11520]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-07-20 2003584]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-12-16 38400]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-17 7680]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\WINDOWS\system32\drivers\srs_PremiumSound_i386.sys [2009-04-01 233128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2009-08-05 91472]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2009-08-05 99472]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-08-17 1390976]
S0 74006782;74006782 Boot Guard Driver; C:\WINDOWS\system32\DRIVERS\74006782.sys [2009-10-22 37392]
S1 74006781;74006781; C:\WINDOWS\system32\DRIVERS\74006781.sys [2009-09-25 128016]
S1 setup_9.0.0.722_30.04.2011_21-34drv;setup_9.0.0.722_30.04.2011_21-34drv; C:\WINDOWS\system32\DRIVERS\7400678.sys [2009-10-09 315408]
S3 akshasp;SafeNet Inc. HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2009-03-13 238208]
S3 akshhl;SafeNet Inc. Sentinel HASP Key; C:\WINDOWS\system32\DRIVERS\akshhl.sys [2007-07-23 46336]
S3 aksusb;SafeNet Inc. USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2009-06-22 16384]
S3 ASUSProcObsrv;ASUS Process Creation/Termination Observer; \??\E:\I386\AsProcOb.sys []
S3 awf41tyv;awf41tyv; C:\WINDOWS\system32\drivers\awf41tyv.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Daniel\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 esihdrv;esihdrv; \??\C:\DOCUME~1\Daniel\LOCALS~1\Temp\esihdrv.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2006-05-18 47249]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2006-05-18 61067]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 hasplms;Sentinel HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2009-12-16 3750400]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-04-12 153376]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-04-07 70880]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-14 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-14 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S4 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
S4 GeniusMouseService;GeniusMouseService; C:\Genius\ioCentre\GMouseService.exe [2010-03-11 12288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119405
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: pictures

#4 Post by Rudy »

Nothing dangerous is visible in the log. I would just like to know why you have the volume control (C:\WINDOWS\system32\SNDVOL32.EXE) open several times. Post a log from ComboFix.
Download ComboFix and save it, ideally to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.

take your time and put on some coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident component occur